Ciscogate

Ciscogate, also known as the Black Hat Bug, is the name given to a legal incident that occurred at the Black Hat Briefings security conference in Las Vegas, Nevada, on July 27, 2005. On the morning of the first day of the conference, July 26, 2005, some attendees noticed that 30 pages of text had been physically ripped out of the extensive conference presentation booklet the night before at the request of Cisco Systems and the CD-ROM with presentation slides was not included. It was determined the pages covered a talk to be given by Michael Lynn, a security researcher with Atlanta-based IBM Internet Security Systems (ISS). Instead of the pages with the details, attendees found a photographed copy of a notice from Black Hat saying "Due to some last minute changes beyond Black Hat's control, and at the request of the presenter, the included materials aren't up to the standards Black Hat tries to meet. Black Hat will be the first to apologize. We hope the vendors involved will follow suit." According to Lynn's lawyer, his employer had approved of the talk leading up to the conference but changed their minds two days before the scheduled talk, forbidding him from presenting. Lynn's original presentation was to cover a vulnerability in Cisco routers. The presentation was one of four scheduled to follow Jeff Moss' keynote address on the first day of the conference, titled "Cisco IOS Security Architecture". After being told by his employer that he could not present on the topic, Lynn chose an alternate topic. Cisco and ISS had offered to give new joint presentation but this was turned down by Black Hat because the original speaking slot was given to Lynn, not Cisco. Lynn's presentation began by covering security issues in services that allow users to make Voice over IP telephone calls. Shortly after beginning the presentation Lynn changed back to his original topic and began disclosing some technical details of the vulnerability he found in Cisco routers stating that he would rather resign from his job at ISS than keep the details private. == Lawsuit == Shortly after Lynn concluded his talk he met Jennifer Granick, who would soon become his lawyer. During their initial meeting Lynn told Granick that he expected to be sued. Later in the evening Lynn had heard that Cisco and ISS had filed a lawsuit and requested a temporary restraining order against Black Hat but not himself. A public relations representative from Black Hat told Granick that the lawsuit was against both Black Hat and Lynn and that the companies had scheduled an Ex parte hearing in San Francisco the next morning to request the restraining order. That night, Andrew Valentine, an attorney for ISS and Cisco called Lynn who directed them to Granick. During the conversation Valentine explained the claims and accusations against Lynn, which included three things: 1) ISS claimed copyright over the presentation that Lynn gave, 2) Cisco claimed copyright over the decompiled machine code obtained from the router which was included in the presentation, and 3) Cisco claimed the presentation contained trade secrets. These complaints were outlined in a civil complaint at the U.S. Northern District of California and filed against both Lynn and Black Hat. According to Granick, she and Valentine were able agree to an injunction to settle the case without court proceedings. This deal was almost called off due to an inadvertent mistake by Black Hat in which they had restored Lynn's presentation on their web server. Black Hat, Granick, and the plaintiff's lawyers were able to resolve this problem and the deal stood. One condition of the settlement required Lynn to provide an image of all computer data he used in his research to be provided to a third party for forensic analysis before erasing his research and any Cisco data from his systems. The settlement also stipulated that Lynn was prohibited from talking about the vulnerability in the future. == FBI Investigation == Shortly after lawyers for Lynn and ISS / Cisco filed settlement papers, FBI agents from the Las Vegas office arrived at the conference to begin asking questions. According to Granick, they were there at the request of the Atlanta FBI office and Lynn was not of interest. Granick asserted the Fifth and Sixth amendment rights on behalf of her client, Lynn. Granick asserted his rights for the Atlanta office and asked if an arrest warrant had been issued for Lynn. Over the next 24 hours Granick was not able to ascertain the status of a warrant but ultimately determined no warrant was issued. When the FBI was asked about the case by a journalist, spokesman Paul Bresson declined to discuss the case saying "Our policy is to not make any comment on anything that is ongoing. That's not to confirm that something is, because I really don't know". Granick would only confirm to journalists that the "investigation has to do with the presentation". == Response == === Attendees === Attendees of Black Hat Briefings, as well as many that also attended DEF CON, were not happy with vendors threatening legal action over vulnerability disclosure. The term "Ciscogate" was coined quickly by an unknown person, but some attendees were quick to create shirts to commemorate the incident. === Cisco === Mojgan Khalili, a senior manager for corporate PR at Cisco, issued a statement to the press saying "It is important to note that the information Mr. Lynn presented was not a disclosure of a new vulnerability or a flaw with Cisco IOS software. Mr. Lynn's research explores possible ways to expand exploitations of existing security vulnerabilities impacting routers." === ISS === Kim Duffy, managing director of ISS Australia, was asked about ISS's response to the incident. Duffy responded that it was "business as usual" as the company handled the incident "strictly by the book". He gave a brief statement to ZDNet UK saying "ISS has published rules for disclosure and that is what we stick to. We didn't care to publish [the disclosure] because we were not ready. We had not completed the research to our satisfaction so it was not ready to be disclosed". ISS spokesperson Roger Fortier confirmed that Lynn was no longer employed with the company and that ISS was still working with Cisco on the matter. He gave a statement to the Washington Post saying "ISS and Cisco have been working on this in the background and didn't feel at this time that the material was ready for publication. The decision was made on Monday to pull the presentation because we wanted to make sure the research was fully baked."

List of C software and tools

This is a list of software and programming tools for the C programming language, including libraries, debuggers, compilers, integrated development environments (IDEs), and other related development tools and utilities. == Libraries and tools == Adns — asynchronous DNS resolver library Advanced Linux Sound Architecture — API for sound card device drivers Allegro — cross-platform software library for video game development Apache Portable Runtime — Apache web server tool set of APIs that map to the underlying operating system Argon2 — memory-hard password hashing library Berkeley DB — embedded database software library for key/value data Binary File Descriptor library — binary file manipulation library in the GNU toolchain Boehm garbage collector – conservative garbage collector Borland Graphics Interface — graphics library for Borland compilers BSAFE — FIPS 140-2 validated cryptography library Chipmunk — 2D real-time rigid body physics engine C POSIX library — specification of a C standard library for POSIX systems C standard library – standard library for the C programming language Cairo – vector graphics library API for software developers CFD General Notation System (CGNS) — data format and library for computational fluid dynamics cJSON — lightweight JSON parser CLIPS — public-domain software tool for building expert systems Core Audio — low-level API for dealing with sound in Apple's macOS and iOS operating systems Core Foundation — API for macOS and iOS and other Apple operating systems Core Image — GPU accelerated image processing technology for Apple operating systems with Quartz graphics rendering layer. Core Text — text layout and font rendering API for macOS and iOS. Cryptlib — portable cryptography library cURL / libcurl — CLI app for uploading and downloading individual files, such as a URL from a web server over HTTP. DevIL — cross-platform image library for loading and converting file formats DirectFB — graphics acceleration and input device handling library Dld — dynamic loading library Expat — stream-oriented XML 1.0 parser library, written in C99. FFmpeg — multimedia framework for audio/video processing Fontconfig — font customization and configuration library FreeTDS — database library for Sybase and Microsoft SQL Server FreeType — render text onto bitmaps with a font rasterization engine GD Graphics Library — image creation and manipulation library GDK — graphics abstraction layer for GTK GEGL — graph-based image processing framework GIO — I/O and virtual file system library in GLib GLib — utility library providing data structures, event loops, and portability functions. glibc — GNU implementation of the C standard library GLFW — library for OpenGL contexts, windows, and input device handling GNet — networking library for GLib GNU Libtool — Library management tool GNU portability library — collection of portability routines for GNU software GNU Portable Threads — POSIX/ANSI-C based user space thread library for UNIX for scheduling multithreading GNU Readline — command-line editing library GnuTLS — secure communications (TLS/SSL) library GObject — object system library for GNOME GTK — widget toolkit for creating graphical user interfaces GTK Scene Graph Kit (GSK) — scene graph and rendering toolkit for GTK HDF — file format and library for managing large datasets Integrated Performance Primitives — Intel library of optimized multimedia and data processing routines IUP — portable GUI toolkit J2K-Codec — JPEG 2000 image codec JasPer — reference implementation of the codec specified in the JPEG-2000 Part-1 standard LDAP API — API for interacting with Lightweight Directory Access Protocol LZO — lossless compression library Liba52 — decoder for A/52 (AC-3) audio streams libarchive — reading and writing various archive and compression formats Libart — 2D graphics library Libavcodec — codec library from FFmpeg Libavdevice — library for handling multimedia devices Libavfilter — audio and video filter library Libavformat — library for muxing and demuxing multimedia Libpcap — packet capture library Libdca — decoder for DTS audio Libdvdcss — access to encrypted DVD-Video discs libevent — asynchronous event notification callbacks libffi — foreign function interface libfuse — userspace filesystem Libgegl — programming interface to GEGL image processing libgcrypt — cryptography Libgimp — plug-in development library for GIMP Libhybris — compatibility layer for running Android libraries on Linux Libinput — input device library for Wayland and X.Org libjpeg — JPEG image library libLAS — reading and writing geospatial data encoded in the ASPRS laser (LAS) file format libmicrohttpd — small C library for embedding HTTP server functionality Libmpcodecs — media player codec library from MPlayer Libmpdemux — demultiplexing library from MPlayer libpng — PNG image format Libpostproc — video post-processing library from FFmpeg libpq — PostgreSQL client LibreSSL — fork of OpenSSL for TLS Librsb — parallel library for sparse matrix computations Librsvg — SVG rendering library libsndfile — reading and writing audio files libsodium — easy-to-use cryptography library Libswscale — image scaling and colorspace conversion library LibTIFF — TIFF image handling library Libusb — USB device access library Libuv — asynchronous I/O and event loop library LibVLC — media player engine from VLC LibVNCServer — implementation of the VNC server protocol Libvpx — VP8 and VP9 video codec library Libwww — early World Wide Web protocol library from W3C libxml2 — XML parsing Libxslt — XSLT library for the GNOME Project libzip — ZIP archives Lightning Memory-Mapped Database — fast key–value database engine LittleCMS — open-source color management system LZ4 — fast lossless compression algorithm LZFSE — compression library developed by Apple MatrixSSL — lightweight TLS implementation Mbed TLS — portable cryptography and TLS library MediaLib — Sun Microsystems library for multimedia processing Mesa — OpenGL and Vulkan graphics library Microwindows — small windowing system for embedded devices Ming — library for generating SWF (Flash) files Mongoose — embedded web server and networking library Mpg123 — MP3 audio decoding library MPIR — multiple-precision arithmetic library MsQuic — Microsoft implementation of the QUIC transport protocol MuJoCo — physics engine for robotics and control Mustache — logic-less templating library Ncurses — terminal control library Nettle — low-level cryptography library Newt — text-based user interface library Netpbm — graphics conversion and processing library Nghttp2 — implementation of the HTTP/2 protocol Oniguruma — regular expression library Open Asset Import Library — library to import/export 3D model formats OpenCL — parallel computing API/library OpenCV — computer vision OpenGL — API for rendering 2D and 3D vector graphics OpenGL Utility Library — OpenGL utility functions OpenJPEG — JPEG 2000 image codec OpenSSL — SSL and TLS protocols and cryptography library Pango — layout engine library which works with the HarfBuzz shaping engine for displaying multi-language text perf (Linux) — performance analyzing tool PCRE — regular expression library PROJ — library for map projections and coordinate transforms Quartz 2D — 2D graphics rendering API for macOS and iOS platforms, part of the Core Graphics framework. Raylib — simple library for games and multimedia Redland RDF Application Framework — RDF data storage library S2n-tls — TLS implementation from AWS Setcontext — context switching library functions SDL — Simple DirectMedia Layer systemd — system and service manager libraries for Linux Tk — GUI widgets for building graphical user interfaces VDPAU — video decoding acceleration API Vorbis — audio compression codec library VTD-XML — high-performance XML parser Wimlib — library for handling Windows Imaging Format disk images Windows.h — base Windows API header file WolfSSH — lightweight SSH library WolfSSL — lightweight SSL/TLS library X Toolkit Intrinsics — toolkit library for the X Window System x264 — H.264 video codec library XCB — C binding for the X Window System protocol Xft — font rendering library using FreeType Xlib — low-level X Window System API XMDF — eXtensible Model Data Format for scientific data XMLStarlet — XML command-line toolkit zlib — data compression Zopfli — data compression library that performs deflate, gzip and zlib data encoding. Zstd — fast data compression library == Integrated development environments == Anjuta — GNOME IDE CLion — cross-platform commercial IDE from JetBrains Code::Blocks — cross-platform open-source IDE CodeLite — open-source IDE Dev-C++ Eclipse CDT Geany — text editor with IDE features KDevelop — KDE IDE NetBeans Qt Creator SlickEdit Visual Studio Xcode === Online IDEs === CodeSandbox — online IDE primarily for web development with some C support via containers GitHub Codespaces — cloud-based online IDE developed by GitHub Google Cloud Shell — browser-based shell and editor that can comp

View model

A view model or viewpoints framework in systems engineering, software engineering, and enterprise engineering is a framework which defines a coherent set of views to be used in the construction of a system architecture, software architecture, or enterprise architecture. A view is a representation of the whole system from the perspective of a related set of concerns. Since the early 1990s there have been a number of efforts to prescribe approaches for describing and analyzing system architectures. A result of these efforts have been to define a set of views (or viewpoints). They are sometimes referred to as architecture frameworks or enterprise architecture frameworks, but are usually called "view models". Usually a view is a work product that presents specific architecture data for a given system. However, the same term is sometimes used to refer to a view definition, including the particular viewpoint and the corresponding guidance that defines each concrete view. The term view model is related to view definitions. == Overview == The purpose of views and viewpoints is to enable humans to comprehend very complex systems, to organize the elements of the problem and the solution around domains of expertise and to separate concerns. In the engineering of physically intensive systems, viewpoints often correspond to capabilities and responsibilities within the engineering organization. Most complex system specifications are so extensive that no single individual can fully comprehend all aspects of the specifications. Furthermore, we all have different interests in a given system and different reasons for examining the system's specifications. A business executive will ask different questions of a system make-up than would a system implementer. The concept of viewpoints framework, therefore, is to provide separate viewpoints into the specification of a given complex system in order to facilitate communication with the stakeholders. Each viewpoint satisfies an audience with interest in a particular set of aspects of the system. Each viewpoint may use a specific viewpoint language that optimizes the vocabulary and presentation for the audience of that viewpoint. Viewpoint modeling has become an effective approach for dealing with the inherent complexity of large distributed systems. Architecture description practices, as described in IEEE Std 1471-2000, utilize multiple views to address several areas of concerns, each one focusing on a specific aspect of the system. Examples of architecture frameworks using multiple views include Kruchten's "4+1" view model, the Zachman Framework, TOGAF, DoDAF, and RM-ODP. == History == In the 1970s, methods began to appear in software engineering for modeling with multiple views. Douglas T. Ross and K.E. Schoman in 1977 introduce the constructs context, viewpoint, and vantage point to organize the modeling process in systems requirements definition. According to Ross and Schoman, a viewpoint "makes clear what aspects are considered relevant to achieving ... the overall purpose [of the model]" and determines How do we look at [a subject being modelled]? As examples of viewpoints, the paper offers: Technical, Operational and Economic viewpoints. In 1992, Anthony Finkelstein and others published a very important paper on viewpoints. In that work: "A viewpoint can be thought of as a combination of the idea of an “actor”, “knowledge source”, “role” or “agent” in the development process and the idea of a “view” or “perspective” which an actor maintains." An important idea in this paper was to distinguish "a representation style, the scheme and notation by which the viewpoint expresses what it can see" and "a specification, the statements expressed in the viewpoint's style describing particular domains". Subsequent work, such as IEEE 1471, preserved this distinction by utilizing two separate terms: viewpoint and view, respectively. Since the early 1990s there have been a number of efforts to codify approaches for describing and analyzing system architectures. These are often termed architecture frameworks or sometimes viewpoint sets. Many of these have been funded by the United States Department of Defense, but some have sprung from international or national efforts in ISO or the IEEE. Among these, the IEEE Recommended Practice for Architectural Description of Software-Intensive Systems (IEEE Std 1471-2000) established useful definitions of view, viewpoint, stakeholder and concern and guidelines for documenting a system architecture through the use of multiple views by applying viewpoints to address stakeholder concerns. The advantage of multiple views is that hidden requirements and stakeholder disagreements can be discovered more readily. However, studies show that in practice, the added complexity of reconciling multiple views can undermine this advantage. IEEE 1471 (now ISO/IEC/IEEE 42010:2011, Systems and software engineering — Architecture description) prescribes the contents of architecture descriptions and describes their creation and use under a number of scenarios, including precedented and unprecedented design, evolutionary design, and capture of design of existing systems. In all of these scenarios the overall process is the same: identify stakeholders, elicit concerns, identify a set of viewpoints to be used, and then apply these viewpoint specifications to develop the set of views relevant to the system of interest. Rather than define a particular set of viewpoints, the standard provides uniform mechanisms and requirements for architects and organizations to define their own viewpoints. In 1996 the ISO Reference Model for Open Distributed Processing (RM-ODP) was published to provide a useful framework for describing the architecture and design of large-scale distributed systems. == View model topics == === View === A view of a system is a representation of the system from the perspective of a viewpoint. This viewpoint on a system involves a perspective focusing on specific concerns regarding the system, which suppresses details to provide a simplified model having only those elements related to the concerns of the viewpoint. For example, a security viewpoint focuses on security concerns and a security viewpoint model contains those elements that are related to security from a more general model of a system. A view allows a user to examine a portion of a particular interest area. For example, an Information View may present all functions, organizations, technology, etc. that use a particular piece of information, while the Organizational View may present all functions, technology, and information of concern to a particular organization. In the Zachman Framework views comprise a group of work products whose development requires a particular analytical and technical expertise because they focus on either the “what,” “how,” “who,” “where,” “when,” or “why” of the enterprise. For example, Functional View work products answer the question “how is the mission carried out?” They are most easily developed by experts in functional decomposition using process and activity modeling. They show the enterprise from the point of view of functions. They also may show organizational and information components, but only as they relate to functions. === Viewpoints === In systems engineering, a viewpoint is a partitioning or restriction of concerns in a system. Adoption of a viewpoint is usable so that issues in those aspects can be addressed separately. A good selection of viewpoints also partitions the design of the system into specific areas of expertise. Viewpoints provide the conventions, rules, and languages for constructing, presenting and analysing views. In ISO/IEC 42010:2007 (IEEE-Std-1471-2000) a viewpoint is a specification for an individual view. A view is a representation of a whole system from the perspective of a viewpoint. A view may consist of one or more architectural models. Each such architectural model is developed using the methods established by its associated architectural system, as well as for the system as a whole. === Modeling perspectives === Modeling perspectives is a set of different ways to represent pre-selected aspects of a system. Each perspective has a different focus, conceptualization, dedication and visualization of what the model is representing. In information systems, the traditional way to divide modeling perspectives is to distinguish the structural, functional and behavioral/processual perspectives. This together with rule, object, communication and actor and role perspectives is one way of classifying modeling approaches === Viewpoint model === In any given viewpoint, it is possible to make a model of the system that contains only the objects that are visible from that viewpoint, but also captures all of the objects, relationships and constraints that are present in the system and relevant to that viewpoint. Such a model is said to be a viewpoint model, or a view of the

SAP Cloud Infrastructure

SAP Cloud Infrastructure is an SAP-operated IaaS cloud platform, used to run SAP’s cloud business and customer-facing deployments for SAP and non-SAP workloads. It is developed and operated with open-source technologies within SAP’s data center network, based on OpenStack and Kubernetes and supporting SAP S/4HANA and general-purpose applications. It offers compute, storage, and platform services that are accessible to SAP customers. == History == In 2012, SAP promoted aspects of cloud computing. In October 2012, SAP announced a platform as a service called the SAP Cloud Platform. In May 2013, a managed private cloud called the S/4HANA Enterprise Cloud service was announced. SAP Converged Cloud was announced in January 2015. SAP Converged Cloud was originally developed as SAP's internal standardized Infrastructure as a Service (IaaS) offering to support SAP’s cloud solutions. Originating from SAP Converged Cloud, SAP Cloud Infrastructure was developed and announced as SAP’s cloud computing offering that is provided for both SAP and customer workloads. In 2025, it had a global footprint of 15 regions and 29 data centers, encompassing more than 200,000 active VMs and over 6,000 hypervisors. In September 2025, SAP announced an expansion of its European “SAP Sovereign Cloud” portfolio, explicitly naming SAP Cloud Infrastructure (alongside SAP Sovereign Cloud On-Site) as part of the stack positioned for public sector and regulated environments. == Services and Features == SAP Cloud Infrastructure (SCI) is an infrastructure-as-a-service (IaaS) offering by SAP that provides virtual compute, storage, and networking services, together with identity, key management, and operational services. SCI follows a self-service model and is managed via APIs and a web-based user interface. === Compute === SCI provides virtual machine instances that can be provisioned from operating system images and selected in predefined sizes (“flavors”). It supports lifecycle operations such as create/modify/resize/delete, power control, and snapshots; instances can be organized into server groups to influence placement policies. === Storage === SCI provides persistent storage services including: Block storage (virtual volumes) with attach/detach to instances, online expansion, cloning, snapshots, and provisioning volumes from images or snapshots. Object storage (containers and objects) managed via API/CLI with access control lists (ACLs) and configurable redundancy options. File storage (shared file systems) with access controls, online resize, snapshots/restore, and replication across availability zones. === Networking === SCI provides software-defined networking (SDN) for tenant networks (networks, subnets, routers) and connectivity features such as floating IPs for public reachability. Network security controls include security groups and firewall policies; connectivity options include BGP-based VPN networking. === Load balancing and DNS === SCI includes managed load balancing for distributing traffic across backend instances and an authoritative DNS service (DNSaaS) with API-based management of DNS zones and records, including options for zone sharing/transfer across projects/tenants and service integrations for automated record creation. === Identity, access, and key management === SCI includes identity and access management for authentication/authorization in projects/tenants (for example token handling, role assignment, and credential management) and key/secrets management for storing and controlling access to secret material such as keys and certificates, including support for different backends (depending on configuration). === Cloud-native services === SCI includes a container image registry (image push/pull, access policies, and lifecycle controls) and an auto-scaling capability for file shares based on configurable rules. === Observability and audit === SCI includes metrics and audit logging capabilities for operational monitoring and for listing/filtering audit-relevant events across services. === Availability and service levels === SCI documentation describes availability-related features such as load balancing, storage redundancy options, and replication for file shares across availability zones. SAP cloud services are governed by contractual service-level agreements (SLA); SAP Cloud Infrastructure references an SLA supplement defining infrastructure-specific terms when referenced in order forms. === SAP cloud services === SAP cloud services can run on different underlying infrastructures, including SAP Cloud Infrastructure in addition to SAP NS2 or hyperscalers. SAP cloud solutions available on SAP Cloud Infrastructure include SAP Cloud ERP, SAP HCM, SAP Solutions for Spend Management, Supply Chain Management, Business Transformation Management, and SAP Business Technology Platform (including related analytics and business data solutions). For example, SAP HANA Cloud documentation lists SAP Cloud Infrastructure as one of the supported infrastructures alongside hyperscalers. === Sustainability === SAP describes sustainability initiatives for its data centers, including energy-efficient infrastructure (for example, advanced cooling systems and power management), renewable electricity usage where feasible, and operational practices such as recycling electronic waste and minimizing water usage. SAP also references environmental management and energy management standards such as ISO 14001 and ISO 50001 for its data center operations. SAP-owned data centers run with 100% renewable electricity and that renewable electricity has been used since 2014 to power SAP facilities including owned data centers and co-locations. == SAP Cloud Infrastructure for SAP Sovereign Cloud == SAP Sovereign Cloud is a portfolio of SAP solutions designed to help organizations adopt SAP cloud solutions such as the SAP Cloud ERP while maintaining control over data, infrastructure, and compliance in line with local laws and regulations. The portfolio offers multiple deployment options, including SAP Cloud Infrastructure and SAP Sovereign Cloud On-Site, alongside sovereign hyperscaler-based options such as via SAP NS2, and targets customers such as public-sector bodies and other highly regulated organizations. In Europe, SAP Cloud Infrastructure is an Infrastructure-as-a-Service (IaaS) deployment option within SAP Sovereign Cloud for SAP and customer / third party workloads, operated on SAP’s data center network and developed using open-source technologies, with customer data stored within the European Union. Sovereignty-related characteristics for the SAP Cloud Infrastructure include: EU footprint and ownership model: SAP-operated data centers in Germany include sites in St. Leon-Rot and Walldorf, and co-location sites in Frankfurt. EU AI Cloud: EU AI Cloud is a sovereign AI offering for Europe that provides secure, compliant environments for building and running AI, including governed access to auditable large language models from SAP and partners. It offers AI models on the SAP Cloud Infrastructure and SAP Business Technology Platform (SAP BTP), enabling deployment of AI applications and models on high-performance European infrastructure (including accelerator/GPU-based compute for AI workloads). Availability zones and secure interconnect: Three availability zones in three independent data centers in Germany, connected via SAP-owned fiber on SAP-owned property. Facility and security standards: ISO/IEC 27001 governance of delivery and operations of SAP cloud services and SAP-owned data centers. Additional facility and availability standards: EN 50600 availability class 3 (European data centre standard) and/or ISO/IEC 22237 availability class 3 (international equivalent). Technology foundation: Based on open-source cloud infrastructure framework (OpenStack) and Kubernetes, without dependencies on hyperscaler technologies. Sovereignty controls: Data sovereignty (data residency), operational sovereignty (administration and maintenance restricted to approved, security-cleared personnel), technical sovereignty (locally hosted control planes with separation via encryption or dedicated infrastructure), and legal sovereignty (use of locally based legal entities or those in approved countries). Classified information processing: Roadmap to meet high and very high requirements for handling classified or sensitive information under European regulatory and security regimes. Public-sector readiness and EU sovereignty assurance levels: Implemented to meet SEAL-3 (Digital Resilience) and SEAL-4 (Full Digital Sovereignty) of the European Commission’s Cloud Sovereignty Framework. Staffing constraints: Operations model selectable to restrict sensitive operations to vetted personnel from EU or NATO countries.

Color moments

Color moments are measures that characterise color distribution in an image in the same way that central moments uniquely describe a probability distribution. Color moments are mainly used for color indexing purposes as features in image retrieval applications in order to compare how similar two images are based on color. Usually one image is compared to a database of digital images with pre-computed features in order to find and retrieve a similar Image. Each comparison between images results in a similarity score, and the lower this score is the more identical the two images are supposed to be. == Overview == Color moments are scaling and rotation invariant. It is usually the case that only the first three color moments are used as features in image retrieval applications as most of the color distribution information is contained in the low-order moments. Since color moments encode both shape and color information they are a good feature to use under changing lighting conditions, but they cannot handle occlusion very successfully. Color moments can be computed for any color model. Three color moments are computed per channel (e.g. 9 moments if the color model is RGB and 12 moments if the color model is CMYK). Computing color moments is done in the same way as computing moments of a probability distribution. === Mean === The first color moment can be interpreted as the average color in the image, and it can be calculated by using the following formula E i = ∑ j = 1 N 1 N p i j {\displaystyle E_{i}=\textstyle \sum _{j=1}^{N}{\frac {1}{N}}p_{ij}} where N is the number of pixels in the image and p i j {\displaystyle p_{ij}} is the value of the j-th pixel of the image at the i-th color channel. === Standard Deviation === The second color moment is the standard deviation, which is obtained by taking the square root of the variance of the color distribution. σ i = ( 1 N ∑ j = 1 N ( p i j − E i ) 2 ) {\displaystyle \sigma _{i}={\sqrt {({\frac {1}{N}}\textstyle \sum _{j=1}^{N}(p_{ij}-E_{i})^{2})}}} where E i {\displaystyle E_{i}} is the mean value, or first color moment, for the i-th color channel of the image. === Skewness === The third color moment is the skewness. It measures how asymmetric the color distribution is, and thus it gives information about the shape of the color distribution. Skewness can be computed with the following formula: s i = ( 1 N ∑ j = 1 N ( p i j − E i ) 3 ) 3 σ i {\displaystyle s_{i}={\frac {\sqrt[{3}]{\left({\frac {1}{N}}\textstyle \sum _{j=1}^{N}(p_{ij}-E_{i})^{3}\right)}}{\sigma _{i}}}} === Kurtosis === Kurtosis is the fourth color moment, and, similarly to skewness, it provides information about the shape of the color distribution. More specifically, kurtosis is a measure of how extreme the tails are in comparison to the normal distribution. === Higher-order color moments === Higher-order color moments are usually not part of the color moments feature set in image retrieval tasks as they require more data in order to obtain a good estimate of their value, and also the lower-order moments generally provide enough information. == Applications == Color moments have significant applications in image retrieval. They can be used in order to compare how similar two images are. This is a relatively new approach to color indexing. The greatest advantage of using color moments comes from the fact that there is no need to store the complete color distribution. This greatly speeds up image retrieval since there are less features to compare. In addition, the first three color moments have the same units, which allows for comparison between them. === Color indexing === Color indexing is the main application of color moments. Images can be indexed, and the index will contain the computed color moments. Then, if someone has a particular image and wants to find similar images in the database, the color moments of the image of interest will also be computed. After that the following function will be used in order to compute a similarity score between the image of interest and all the images in the database: d m o m ( H , I ) = ∑ i = 1 r w i 1 | E i 1 − E i 2 | + w i 2 | σ i 1 − σ i 2 | + w i 3 | s i 1 − s i 2 | {\displaystyle d_{mom}(H,I)=\textstyle \sum _{i=1}^{r}w_{i1}|E_{i}^{1}-E_{i}^{2}|+w_{i2}|\sigma _{i}^{1}-\sigma _{i}^{2}|+w_{i3}|s_{i}^{1}-s_{i}^{2}|} where: H and I are the color distributions of the two images that are being compared i is the channel index and r is the total number of channels E i 1 {\displaystyle E_{i}^{1}} and E i 2 {\displaystyle E_{i}^{2}} are the first order moments computed for the image distributions. σ i 1 {\displaystyle \sigma _{i}^{1}} and σ i 2 {\displaystyle \sigma _{i}^{2}} are the second order moments computed for the image distributions. s_i^1 and s_i^2 are the third order moments computed for the image distributions. w i 1 {\displaystyle w_{i1}} , w i 2 {\displaystyle w_{i2}} , and w i 3 {\displaystyle w_{i3}} are weights, specified by the user, for each of the three color moments used. Finally, the images in the database will be ranked according to the computed similarity score with the image of interest, and the database images with the lowest d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} value should be retrieved. "A retrieval based on d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} may produce false positives because the index contains no information about the correlation between the color channels". == Example == A simple and concise example of the use of color moments for image retrieval tasks is illustrated in. Consider having several test images in a database and a "New Image". The goal is to retrieve images from the database that are similar to the "New Image". The first three color moments are used as features. There are several steps in this computation. Image preprocessing (Optional) - The image preprocessing step of the computation process is optional. For example, in this step all images could be modified to be the same size (in terms of pixels). However, since color moments are invariant to scaling, it is not necessary to make all images the same width and height. Computing the features - Use the color moments formulae in order to compute the first three moments for each of the color channels in the image. For example, if the HSV color space is used, this means that for each of the images, 9 features in total will be computed (the first three order moments for the Hue, Saturation, and Value channels). Calculating the similarity score - After computing the color moments the weights for each of the moments in the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} function should be determined by the user. The weights have to be adjusted each time in accordance with the application or condition and quality of the images. Following that the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} function is used to calculate a similarity score for the "New Image" and each of the images in the database. Ranking and image retrieval - From the previous step the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} values were obtained. Now a comparison of these values can be made in order to decide which of the images in the database are more similar to the "New Image", and thus rank the database images accordingly. The smaller the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} value is the more similar the two color distributions are supposed to be. Finally, some of the top ranked images (the ones with the smallest d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} value) from the database are retrieved.

Afghan Girls Robotics Team

The Afghan Girls Robotics Team, also known as the Afghan Dreamers, is an all-girl robotics team from Herat, Afghanistan, founded through the Digital Citizen Fund (DCF) in 2017 by Roya Mahboob and Alireza Mehraban. It is made up of girls between ages 12 and 18 and their mentors. Several members of the team were relocated to Qatar and Mexico by humanitarian and tech entrepreneur Sarah Porter following the fall of Kabul in August 2021. A documentary film featuring members of the team, titled Afghan Dreamers, was released by MTV Documentary Films in 2023. == Origins == The Afghan Girls Robotics Team was co-founded in 2017 by Roya Mahboob, who is their coach, mentor and sponsor, and founder of the Digital Citizen Fund (DCF), which is the parent organization for the team. Dean Kamen was planning a 2017 competition in the United States and had recruited Mahboob to form a team from Afghanistan. Out of 150 girls, 12 were selected for the first team. Before parts were sent by Kamen, they trained in the basement of the home of Mahboob's parents, with scrap metal and without safety equipment under the guidance of their coach, Mahboob's brother Alireza Mehraban, who is also a co-founder of the team. == 2017 and 2018 == In 2017, six members of the Afghan Girls Robotics Team traveled to the United States to participate in the international FIRST Global Challenge robotics competition. Their visas were rejected twice after they made two journeys from Herat to Kabul through Taliban-controlled areas, before officials in the United States government intervened to allow them to enter the United States. Customs officials also detained their robotics kits, which left them two weeks to construct their robot, unlike some teams that had more time. They were awarded a Silver medal for Courageous Achievement. One week after they returned home from the competition, the father of team captain Fatemah Qaderyan, Mohammad Asif Qaderyan, was killed in a suicide bombing. After their United States visas expired, the team participated in competitions in Estonia and Istanbul. Three of the 12 members participated in the 2017 Entrepreneurial Challenge at the Robotex festival in Estonia, and won the competition for their solar-powered robot designed to assist farmers. In 2018, the team trained in Canada, continued to travel in the United States for months and participate in competitions. == 2019 == The Afghan Girls Robotics team had aspirations to develop a science and technology school for girls in Afghanistan. Roya Mahboob interfaced with the School of Engineering and Applied Sciences (SEAS), the School of Architecture, and the Whitney and Betty MacMillan Center for International and Area Studies Yale University to design the infrastructure for what they named The Dreamer Institute. == 2020 == In March 2020, the governor of Herat at the time, in response to the COVID-19 pandemic in Afghanistan and a scarcity of ventilators, sought help with the design of low-cost ventilators, and the Afghan Girls Robotics Team was one of six teams contacted by the government. Using a design from Massachusetts Institute of Technology and with guidance from MIT engineers and Douglas Chin, a surgeon in California, the team developed a prototype with Toyota Corolla parts and a chain drive from a Honda motorcycle. UNICEF also supported the team with the acquisition of necessary parts during the three months they spent building the prototype that was completed in July 2020. Their design costs around $500 compared to $50,000 for a ventilator. In December 2020, Minister of Industry and Commerce Nizar Ahmad Ghoryani donated funding and obtained land for a factory to produce the ventilators. Under the direction of their mentor Roya Mahboob, the Afghan Dreamers also designed a UVC Robot for sanitization, and a Spray Robot for disinfection, both of which were approved by the Ministry of Health for production. == 2021 == In early August 2021, Somaya Faruqi, former captain of the team, was quoted by Public Radio International about the future of Afghanistan, stating, "We don’t support any group over another but for us what’s important is that we be able to continue our work. Women in Afghanistan have made a lot of progress over the past two decades and this progress must be respected." On August 17, 2021, the Afghan Girls Robotics Team and their coaches were reported to be attempting to evacuate, but unable to obtain a flight out of Afghanistan, and a lawyer appealed to Canada for assistance regarding the evacuation of the team members. As of August 19, 2021, nine members of the team and their coaches had evacuated to Qatar. The founder of the team, Roya Mahboob, and DCF board member, Elizabeth Schaeffer Brown, were previously in contact with the Qatari government to assist the team members in their evacuation from Afghanistan. By August 25, 2021, some members arrived in Mexico. Saghar, a team member who evacuated to Mexico, said, "We wanted to continue the path that we started to continue to go for our achievements and to go for having our dreams through reality. So that's why we decided to leave Afghanistan and go for somewhere safe" in an interview with The Associated Press. The members who have left Afghanistan participated in an online robotics competition in September and plan to continue their education. A documentary film titled Afghan Dreamers, produced by Beth Murphy and directed by David Greenwald, was in post-production when the team began to evacuate. == 2022 == The Afghan Dreamers were involved in a training program at the Texas A&M University at Qatar’s STEM Hub. == 2023 == The Afghan Girls Robotics Team had a booth at the 5th UN Conference on the Least Developed Countries, where they displayed some of the robots the team had constructed. == Afghan Dreamers documentary == The Afghan Dreamers documentary from MTV Documentary Films premiered in May 2023 on Paramount+. The film was directed by David Greenwald and produced by David Cowan and Beth Murphy. In a review for Screen Daily, Wendy Ide wrote, "This film, with its likeable cast of girl nerds and positive message, should enjoy a warm reception on the festival circuit, and will be of particular interest to events seeking to showcase women's stories from around the world. It also serves as a timely cautionary tale – a case study on just how quickly the rights and the opportunities of women can be curtailed, at the behest of the men in power." == Honors and awards == 2017 Silver medal for Courageous Achievement at the FIRST Global Challenge, science and technology 2017 Benefiting Humanity in AI Award at World Summit AI 2017 Winner, Entrepreneurship Challenge at Robotex in Estonia 2018 Permission to Dream Award, Raw Film Festival 2018 Conrad Innovation Challenge, Raw Film Festival 2018 Rookie All Star – District Championship, Canada 2018 Asia Game Changer Award Honoree 2019 Inspiring in Engineering Award – FIRST Detroit World Championship 2019 Asia Game Changer Award of California 2019 Safety Award – FIRST Global, Dubai 2021 Forbes 30 Under 30 Asia 2022 World Championships, Genoa, Switzerland

Static program analysis

In computer science, static program analysis (also known as static analysis or static simulation) is the analysis of computer programs performed without executing them, in contrast with dynamic program analysis, which is performed on programs during their execution in the integrated environment. The term is usually applied to analysis performed by an automated tool, with human analysis typically being called "program understanding", program comprehension, or code review. In the last of these, software inspection and software walkthroughs are also used. In most cases the analysis is performed on some version of a program's source code, and, in other cases, on some form of its object code. Two leading approaches to resource certification have been Static Analysis (SA) and Implicit Computational Complexity (ICC). SA is algorithmic in nature: it focuses on a broad programming language of choice, and seeks to determine by syntactic means whether given programs in that language are feasible. In contrast, ICC attempts to create from the outset specialized programming languages or methods that delineate a complexity class. Thus, SA's focus is on compile time, making no demand on the programmer; whereas ICC is a language-design discipline." The discipline of static analysis should not be confused with linting, which is the process of checking for coding style mistakes. == Rationale == The sophistication of the analysis performed by tools varies from those that only consider the behaviour of individual statements and declarations, to those that include the complete source code of a program in their analysis. The uses of the information obtained from the analysis vary from highlighting possible coding errors (e.g., the lint tool) to formal methods that mathematically prove properties about a given program (e.g., its behaviour matches that of its specification). Software metrics and reverse engineering can be described as forms of static analysis. Deriving software metrics and static analysis are increasingly deployed together, especially in creation of embedded systems, by defining so-called software quality objectives. A growing commercial use of static analysis is in the verification of properties of software used in safety-critical computer systems and locating potentially vulnerable code. For example, the following industries have identified the use of static code analysis as a means of improving the quality of increasingly sophisticated and complex software: Medical software: The US Food and Drug Administration (FDA) has identified the use of static analysis for medical devices. Nuclear software: In the UK the Office for Nuclear Regulation (ONR) recommends the use of static analysis on reactor protection systems. Aviation software (in combination with dynamic analysis). Automotive & Machines (functional safety features form an integral part of each automotive product development phase, ISO 26262, section 8). A study in 2012 by VDC Research reported that 28.7% of the embedded software engineers surveyed use static analysis tools and 39.7% expect to use them within 2 years. A study from 2010 found that 60% of the interviewed developers in European research projects made at least use of their basic IDE built-in static analyzers. However, only about 10% employed an additional other (and perhaps more advanced) analysis tool. In the application security industry the name static application security testing (SAST) is also used. SAST is an important part of Security Development Lifecycles (SDLs) such as the SDL defined by Microsoft and a common practice in software companies. == Tool types == The OMG (Object Management Group) published a study regarding the types of software analysis required for software quality measurement and assessment. This document on "How to Deliver Resilient, Secure, Efficient, and Easily Changed IT Systems in Line with CISQ Recommendations" describes three levels of software analysis. Unit Level Analysis that takes place within a specific program or subroutine, without connecting to the context of that program. Technology Level Analysis that takes into account interactions between unit programs to get a more holistic and semantic view of the overall program in order to find issues and avoid obvious false positives. System Level Analysis that takes into account the interactions between unit programs, but without being limited to one specific technology or programming language. A further level of software analysis can be defined. Mission/Business Level Analysis that takes into account the business/mission layer terms, rules and processes that are implemented within the software system for its operation as part of enterprise or program/mission layer activities. These elements are implemented without being limited to one specific technology or programming language and in many cases are distributed across multiple languages, but are statically extracted and analyzed for system understanding for mission assurance. == Formal methods == Formal methods is the term applied to the analysis of software (and computer hardware) whose results are obtained purely through the use of rigorous mathematical methods. The mathematical techniques used include denotational semantics, axiomatic semantics, operational semantics, and abstract interpretation. By a straightforward reduction to the halting problem, it is possible to prove that (for any Turing complete language), finding all possible run-time errors in an arbitrary program (or more generally any kind of violation of a specification on the final result of a program) is undecidable: there is no mechanical method that can always answer truthfully whether an arbitrary program may or may not exhibit runtime errors. This result dates from the works of Church, Gödel and Turing in the 1930s (see: Halting problem and Rice's theorem). As with many undecidable questions, one can still attempt to give useful approximate solutions. Some of the implementation techniques of formal static analysis include: Abstract interpretation, to model the effect that every statement has on the state of an abstract machine (i.e., it 'executes' the software based on the mathematical properties of each statement and declaration). This abstract machine over-approximates the behaviours of the system: the abstract system is thus made simpler to analyze, at the expense of incompleteness (not every property true of the original system is true of the abstract system). If properly done, though, abstract interpretation is sound (every property true of the abstract system can be mapped to a true property of the original system). Data-flow analysis, a lattice-based technique for gathering information about the possible set of values; Hoare logic, a formal system with a set of logical rules for reasoning rigorously about the correctness of computer programs. There is tool support for some programming languages (e.g., the SPARK programming language (a subset of Ada) and the Java Modeling Language—JML—using ESC/Java and ESC/Java2, Frama-C WP (weakest precondition) plugin for the C language extended with ACSL (ANSI/ISO C Specification Language) ). Model checking, considers systems that have finite state or may be reduced to finite state by abstraction; Symbolic execution, as used to derive mathematical expressions representing the value of mutated variables at particular points in the code. Nullable reference analysis == Data-driven static analysis == Data-driven static analysis leverages extensive codebases to infer coding rules and improve the accuracy of the analysis. For instance, one can use all Java open-source packages available on GitHub to learn good analysis strategies. The rule inference can use machine learning techniques. It is also possible to learn from a large amount of past fixes and warnings. == Remediation == Static analyzers produce warnings. For certain types of warnings, it is possible to design and implement automated remediation techniques. For example, Logozzo and Ball have proposed automated remediations for C# cccheck.